That Time Ken Thompson Wrote a Backdoor into the C Compiler

https://micahkepe.com/blog/thompson-trojan-horse/

77•thunderbong•11h ago

Comments

fjfaase•10h ago

Interesting. I reviewd the live-bootstrap project (a project to build a trusted C compiler for building Linux) in the past years, including writing a Linux on i368 simulator/interpreter, and gave a presentation about this at WHY2025.

turtleyacht•9h ago

Assigning 11 to mean "v" in the sequence "\v" sounds like replacing words (or letters) with numbers.

Is that related to Godel's idea that a system can be either complete or inconsistent?

Digit-Al•8h ago

"\v" is an ASCII control character, and means "vertical tab" (VT). In ASCII it is code 11, which is why they are inserting the number 11.

turtleyacht•8h ago

Yes. In this case, it represents "teaching" the compiler something it didn't previously "know" about. But wanted to connect that to whether the computed output of a language could ever be falsifiable, i.e. we would not know it happened.

tetris11•7h ago

Ken Thompson's Reflections on Trusting Trust[0] was one of the motivations for Guix's single 357-byte seed (+libguile) full bootstrap[1].

0: https://www.cs.cmu.edu/~rdriley/487/papers/Thompson_1984_Ref...

1: https://guix.gnu.org/en/blog/2023/the-full-source-bootstrap-...

fjfaase•6h ago

For the 'full' graph for stage0 see: https://fransfaase.github.io/Emulator/tdiagram.html and note that it even is not completely 'full' leaving out some steps that copy file from one location to another. Use mouse or fingers to zoom and pan.

I gave a talk about this at WHY2025 which also refers to this 'Reflections on Trusting Trust' paper. On YouTube https://www.youtube.com/watch?v=akzyyO5wvm0

tetris11•29m ago

nice work!

kaem is a new one for me, what's its connection to mescc?

donatj•7h ago

Hmm... I've read about "Reflections on Trusting Trust" a couple times including in college some twenty years ago, though never the paper itself.

I have never seen the actual examples before, but the way it's always been described to me I kind of expected more...

It was always described as completely undetectable... so my assumption was one could not find it even with a decompiler and a lot of free time...

I guess I expected for instance it to filter patterns of itself out of fread for instance, such that a system built with it literally could not detect its existence at all. I expected it to make the operating system at large lie to you.

fjfaase•6h ago

One can find it out with a decompiler and a lots and lots of free time. Compilers are not trivial programs, especially the ones needed to compile operating systems, with the required optimizations, and there are many ways to obfuscate code.

A better approach is to start with a small executable, one that translate hexadecimal numbers to binary, and from that build all the tools to compile a simple C compiler (such as the Tiny C Compiler, which is not very tiny), to compile the optimizing C compiler that can compile operating systems. That is the approach followed by the live-bootstrap project.

colejohnson66•4h ago

That’s what Guix did. All the way back to a 357 byte assembly code blob that turns a hex file into a binary file, and can “compile” itself.

richardhenry•3h ago

If the compromised compiler also compiles the decompiler…

Synadia and TigerBeetle Commit $512k USD to the Zig Software Foundation

Libera Chat receives legal advice that the Online Safety Act does not apply to

Rock Tumbler Instructions: Turning Rough Rocks into Beautiful Tumbled Stones

Making a micro Linux distro (2023)

The future of Python web services looks GIL-free

Jacqueline – A minimal i386 kernel written in Pascal

Unlocking free WiFi on British Airways

The Swift SDK for Android

Magic sizes enable high-fidelity assembly of programmable shells

People with blindness can read again after retinal implant and special glasses

React vs. Backbone in 2025

Valetudo: Cloud replacement for vacuum robots enabling local-only operation

Key IOCs for Pegasus and Predator Spyware Removed with iOS 26 Update

Against SQL

Calculating the Bounding Rectangle of a Circular Sector

First convex polyhedron found that can't pass through itself

Study: MRI contrast agent causes harmful metal buildup in some patients

The State of Machine Learning Frameworks in 2019

Harnessing America's heat pump moment

What is intelligence? (2024)

I invited strangers to message me through a receipt printer

Context engineering is sleeping on the humble hyperlink

Public Montessori programs strengthen learning outcomes at lower costs: study

Code like a surgeon

The geometry of mathematical methods

Twake Drive – An open-source alternative to Google Drive

Diamond Thermal Conductivity: A New Era in Chip Cooling

Luau's performance

Meet the real screen addicts: the elderly

The persistence of tradition: the curious case of Henry Symeonis (2023)